| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2003-1556 |
79 |
|
XSS |
2003-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters. |
|
2 |
CVE-2003-1554 |
79 |
|
XSS |
2003-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables. |
|
3 |
CVE-2003-1549 |
79 |
|
XSS |
2003-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter. |
|
4 |
CVE-2003-1547 |
79 |
|
XSS |
2003-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke 6.x allows remote attackers to inject arbitrary web script or HTML via the subject parameter. |
|
5 |
CVE-2003-1546 |
79 |
|
XSS |
2003-12-31 |
2017-08-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the comment section. |
|
6 |
CVE-2003-1543 |
79 |
|
XSS |
2003-12-31 |
2017-08-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message. |
|
7 |
CVE-2003-1539 |
79 |
|
XSS |
2003-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names. |
|
8 |
CVE-2003-1536 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php. |
|
9 |
CVE-2003-1534 |
79 |
|
XSS |
2003-12-31 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables. |
|
10 |
CVE-2003-1531 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string. |
|
11 |
CVE-2003-1522 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page. |
|
12 |
CVE-2003-1519 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program. |
|
13 |
CVE-2003-1513 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp. |
|
14 |
CVE-2003-1511 |
79 |
|
XSS |
2003-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet. |
|
15 |
CVE-2003-1506 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter. |
|
16 |
CVE-2003-1498 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoom_query parameter. |
|
17 |
CVE-2003-1479 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field. |
|
18 |
CVE-2003-1467 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. |
|
19 |
CVE-2003-1453 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag. |
|
20 |
CVE-2003-1420 |
79 |
|
XSS |
2003-12-31 |
2022-02-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header. |
|
21 |
CVE-2003-1400 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter. |
|
22 |
CVE-2003-1384 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields. |
|
23 |
CVE-2003-1372 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters. |
|
24 |
CVE-2003-1371 |
79 |
|
XSS +Info |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules. |
|
25 |
CVE-2003-1370 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module. |
|
26 |
CVE-2003-1353 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Outreach Project Tool (OPT) 0.946b allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the news field. |
|
27 |
CVE-2003-1348 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field. |
|
28 |
CVE-2003-1347 |
79 |
|
XSS |
2003-12-31 |
2017-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field. |
|
29 |
CVE-2003-1334 |
79 |
|
XSS |
2003-12-31 |
2010-06-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
30 |
CVE-2003-1317 |
|
|
XSS |
2003-12-31 |
2017-07-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. |
|
31 |
CVE-2003-1293 |
|
|
XSS |
2003-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook. |
|
32 |
CVE-2003-1285 |
|
|
XSS |
2003-12-31 |
2017-07-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2) testcgi.exe, (3) environ.pl, (4) the query parameter to samples/search.dll, (5) the price parameter to mortgage.pl, (6) the query string in dumpenv.pl, (7) the query string to dumpenv.pl, and (8) the E-Mail field of the guestbook script (book.pl). |
|
33 |
CVE-2003-1278 |
|
|
XSS |
2003-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags. |
|
34 |
CVE-2003-1277 |
|
|
XSS |
2003-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into (1) news_icon of news_template.php, and (2) threadid and subject of index.html |
|
35 |
CVE-2003-1271 |
|
|
XSS |
2003-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script. |
|
36 |
CVE-2003-1243 |
|
|
XSS |
2003-12-31 |
2017-07-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. |
|
37 |
CVE-2003-1241 |
|
|
Exec Code XSS |
2003-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters. |
|
38 |
CVE-2003-1238 |
|
|
XSS |
2003-12-31 |
2008-09-05 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules. |
|
39 |
CVE-2003-1237 |
|
|
XSS |
2003-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. |
|
40 |
CVE-2003-1231 |
|
|
XSS |
2003-12-31 |
2017-07-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 5.5 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. |
|
41 |
CVE-2003-1219 |
|
|
XSS |
2003-12-31 |
2012-12-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter. |
|
42 |
CVE-2003-1211 |
|
|
XSS |
2003-12-31 |
2017-07-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter. |
|
43 |
CVE-2003-1204 |
|
|
XSS |
2003-12-31 |
2017-07-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php. |
|
44 |
CVE-2003-1203 |
|
|
XSS |
2003-03-18 |
2017-07-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in index.php for Mambo Site Server 4.0.10 allows remote attackers to execute script on other clients via the ?option parameter. |
|
45 |
CVE-2003-1197 |
|
|
XSS |
2003-10-30 |
2017-07-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows remote attackers to inject arbitrary web script or HTML via the (1) top_message parameter or (2) topic field of a new thread. |
|
46 |
CVE-2003-1194 |
|
|
XSS |
2003-10-30 |
2017-07-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject arbitrary web script or HTML via the error message. |
|
47 |
CVE-2003-1190 |
|
|
XSS |
2003-11-03 |
2017-07-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe. |
|
48 |
CVE-2003-1187 |
|
|
XSS |
2003-11-02 |
2017-07-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter. |
|
49 |
CVE-2003-1184 |
|
|
XSS |
2003-11-03 |
2017-07-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs." |
|
50 |
CVE-2003-1182 |
|
|
XSS |
2003-11-03 |
2017-07-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. |
